PKI Interoperability Based on Online Certificate Validation

Authors

  • Dinu Smadu Military Technical Academy

Keywords:

SCVP, PKI, certificate validation, OpenSSL, path discovery, path validation, CADDISK

Abstract

One of the most important problems related to Public Key Infrastructures is the validation of the digital certificates. Certificate validation services can be based on offline and/or online schemes. Offline schemes have the major disadvantage that they cannot always give an up-to-date response. On the other side, the most used protocol for online validation, the Online Certificate Status Protocol [1], also has its drawbacks. It can only state if a certificate has been revoked or not. RFC 5055 [2] defines a more complex protocol, the Server-based Certificate Validation Protocol (SCVP), capable of building and validating the certification path. To implement a basic functionality of this new protocol, we will start from an existing project, the CADDISK and we will try to implement an OpenSSL module.

References

Downloads

Published

2011-03-30

How to Cite

Smadu, D. (2011). PKI Interoperability Based on Online Certificate Validation. Journal of Mobile, Embedded and Distributed Systems, 3(1), 17-20. Retrieved from http://jmeds.eu/index.php/jmeds/article/view/PKI-Interoperability-Based-on-Online-Certificate-Validation